Tenable Bolsters Its Cloud Security Arsenal with Malware Detection
Tenable Cloud Security is enhancing its capabilities with malware detection. Combined with its cutting-edge, agentless vulnerability-scanning technology, including its ability to detect anomalous behavior, this new capability makes Tenable Cloud Security a much more complete and effective solution. ...
FlowFixation: AWS Apache Airflow Service Takeover Vulnerability and Why Neglecting Guardrails Puts Major CSPs at Risk
Tenable Research discovered a one-click account takeover vulnerability in the AWS Managed Workflows Apache Airflow service that could have allowed full takeover of a victim’s web management panel of the Airflow instance. The discovery of this now-resolved vulnerability reveals a broader problem of m...
Unlocking Kubernetes Innovation Through Simplified Cloud Security with Tenable
Tenable Cloud Security simplifies Kubernetes security by providing any containerized environment with new features including easy custom policy enforcement, enhanced access control, Helm charts scanning and workload protection. The capabilities offer powerful means for securing your clusters effortl...
Taking Control of Kubernetes: Enforcing Least Privilege to Secure Your Kubernetes Environment
Kubernetes has become the de facto standard for managing containerized workloads in private and public clouds. However, security standards have failed to keep pace, leading to increased risk of cyberattacks and data breaches for insecure or misconfigured platforms. Here we examine the challenges inv...
Managed Kubernetes: Is It Right for My Organization?
As an organization grows its usage of containers, managing them becomes more complex. A common response is to adopt Kubernetes for container orchestration. But how do you properly secure your Kubernetes clusters? And should your organization host its Kubernetes deployments or instead choose a manage...
How a Serverless Architecture Can Help You Secure Cloud-Native Applications
Cybersecurity teams often struggle with securing cloud-native applications, which are becoming increasingly popular with developers. The good news is that deploying these applications on a serverless architecture can make it easier to protect them. Here’s why....
Cloud Leaders Sound Off on Key Challenges
Too many identities, systems and cooks in the kitchen cloud an already complex mandate....
Level Up Your Cloud Security Strategy
Learn how to better your cloud security program with these ten security resolutions. ...
Tenable Cloud Security Now Supports the Generation of Pull Requests for Remediation Suggestions
The new capability is designed to make it more efficient for security teams to pass remediation recommendations on to the infrastructure team to implement. Here’s how it works....
Beyond the Horizon: Top 5 Cloud Security Trends to Watch in 2024
Generative AI will undoubtedly boost organizations’ cybersecurity capabilities. However, cybersecurity departments will reap few gains from generative AI without first enforcing solid cloud security principles. In this blog, we explain the top cloud security trends that organizations must track – an...
Exfiltrated, Signed, Delivered – What Can Go Wrong When an Amazon Elastic Compute Cloud (EC2) Instance is Exposed to SSRF
Using CNAPPgoat, you can now experiment with a technique that leverages exposure to SSRF to trigger calls to AWS services from within an Amazon EC2 instance. ...
Building Custom Scenarios with CNAPPgoat
You can now construct and import your own vulnerability scenarios into CNAPPgoat, enhancing your cloud security skills....
